Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Prog 38081 8.2 - session tracking - http session

Related Books

Free with a 30 day trial from Scribd

See all
  • Login to see the comments

  • Be the first to like this

Prog 38081 8.2 - session tracking - http session

  1. 1. Session Tracking: HttpSessionPROG 38081 - Fall 2012 William Barry 1
  2. 2.  Recall that HTTP is a stateless protocol  The web server cannot associate a request with a particular client  Each request is independent of all other requests, even multiple requests by the same client HTTP is perfectly suitable for simple Web browsing Interactive Web applications often have requests that are related  Online banking  Course registrationPROG 38081 - Fall 2012 William Barry 2
  3. 3.  A session is a chain of related interactions between a single client and the Web server over a period of time Session tracking enables the Web server to track data among requests in a session (by a client) There are a number of techniques we can employ to keep track of client requests  “Remember” the state of a clientPROG 38081 - Fall 2012 William Barry 3
  4. 4.  Issues with using hidden fields or cookies for session tracking  Data is not secure  Difficult to deal with large sets of data The Servlet API provides session tracking capabilities  Ability to track large sets of data  Data is stored as objects  Data is kept on the server sidePROG 38081 - Fall 2012 William Barry 4
  5. 5.  First HTTP Request:  The browser requests a site for the first time  The servlet engine creates a session object and assigns an ID for the session First HTTP Response:  The server returns the response and the ID for the session  Ex. jsessionid=E587B704A1... Subsequent HTTP Requests:  The browser requests a servlet and supplies the session ID: ▪ jsessionid=E587B704A1...  The servlet engine uses the session ID to associate this browser with its session objectPROG 38081 - Fall 2012 William Barry 5
  6. 6.  A session object is implicitly created when a browser makes the first request to a site  The session object is destroyed when the session ends  Specified amount of time elapses without another request  The user exits the browserExample: Creating/retrieving a session objectHttpSession session = request.getSession();Returns the HttpSession object associated with this request. If therequest does not have a session associated with it, this method createsa new HttpSession object and returns it.PROG 38081 - Fall 2012 William Barry 6
  7. 7.  Methods for the Session:  session.setAttribute(“name”, “Debra”); ▪ Stores any object in the session as an attribute and specifies a name for the attribute ▪ Set the value for an attribute named name to the String object “Debra” ▪ Can store any Object type in the session!  String name = (String)session.getAttribute(“name”); ▪ Returns the value of the specified attribute as an Object type ▪ You must cast to the appropriate data type! ▪ Returns null if the attribute doesn’t exist in the session  session.removeAttribute(“name”); ▪ Removes the specified attribute from this sessionPROG 38081 - Fall 2012 William Barry 7
  8. 8. // Get the session objectHttpSession session = request.getSession();// Add a price attribute to the session as a Stringdouble price = 9.99;session.setAttribute(“price”, String.valueOf(price));// Get an age attribute from the sessionint age =Integer.parseInt((String)session.getAttribute(“age”)); Use String.valueOf() to set a numeric value to a String Use Integer.parseInt() or Double.parseDouble() to parse a string to a numeric valuePROG 38081 - Fall 2012 William Barry 8
  9. 9.  Download the prog38081.httpsession project from SLATE index.html contains a form that has text fields for the following:  firstName  lastName  email  age  weight Complete the CreateSessionServlet  Get all HTTP request parameters  Create an HttpSession object  Create a FullName object based on first and last name  Store the FullName object and other request parameters as attributes in the session Complete the GetSessionServlet  Get the HttpSession object associated with this request  Get all attributes of the session  Display the attribute values in the HTML table responsePROG 38081 - Fall 2012 William Barry 9
  10. 10.  Download the prog38081.httpsession.purchaseorder project from SLATE Complete EditPurchaseOrderServlet  Create an HttpSession object  Get the Order ID from the request  Add the order object to the sesssion Complete ConfirmEditPurchaseOrderServlet  Get the HttpSession object  Get the order attribute from the session (original order values)  Get the HTTP Request parameters (modified order values)  Display the order information  Create a CustomerOrder object with the updated values for each field  Set the session value of the order attribute to the new CustomerOrder object Complete UpdatePurchaseOrderServlet  Get the HttpSession object  Get the order object from the session  Update the order information  Redirect to ViewCustomerOrdersServletPROG 38081 - Fall 2012 William Barry 10
  11. 11.  Remember that a user’s session doesn’t end until:  A specified amount of time has elapsed  The user closes the browser We can set the maximum inactive interval for a session  session.setMaxInactiveInterval(int seconds); ▪ Default interval is 1800 seconds (30 minutes) ▪ You can create a session that has infinite inactive interval by supplying a negative integer ▪ Session is only invalidated when the user closes the browser We can invalidate a session immediately  session.invalidate();PROG 38081 - Fall 2012 William Barry 11